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1. A method of copy protecting data/sent from a server to a client for 
presentation to a user, comprising: 
cryptographically protecting the dataf 
sending the cryptographically protected data to the client; and 
selectively controlling copying functions of the client in respect of the data 
whilst the data is being held b/y the client in a form suitable for presentation 
to the user. 

2. A method according to claim 1 wherein the data is protected by 
encryption. 



3. A method according to claim 1 w-3- wherein the integrity of the data is 
protected cryptographically. 



4. A method according to claim 3 wherein the integrity of the data is 
achieved by hashing/ 

3. A method according tetany prcc ediftg-claim including authenticating 
that the client is permitted to receive the data. 

6. A method according to^ aay pre ceding-daiia including identifying the 
client to the server before the data is sent to the client. 

7. A metHod according to^a«y-p4^ceding-x4aim- including: 
downloading A program object to the client, 

running the brogram object on the client such that a request is uploaded to 
the server fofr a file containing the cryptographically protected data, 
downloading the file to the client, and 

rendering the cryptographically protected data in an unprotected form suitable 



for presentation to the user, 

the program object being operative sucji that no, or restricted, copy or save 
functions are offered to the user in respect of the downloaded data in its 
unprotected form. 

8. A method according t© claim 7 including downloading a message 
concerning a webpage wherein the message includes information concerning 
the program object, and uploading a request for the program object in 
response to said inforrriation in the message. 

9. A method according to claim 8 wherein the message is in HTML code 

10. A method according to ck-rm 8 wherein the program object 
comprises a Java, Active X or/OLE applet. 

11. A method acco/ding to^any-crae o f cl a i ms 7 to 10 wherein the message 
is presented to the vdser through a browser. 

12. A method acco/ding to^aay-^-ece ding clam r wherein the data is sent to 
the client from the server through a network. 




13. A method according to claim 12 wherein the network comprises the 
World Wide Web. , 

14. A method according to^any one/uf i4aiffls-Z-tQ-46 wherein the program 
object includes data concerning a cryptographic key, and including using the 
key to render the downloaded cryptographically protected data into an 
unprotected form suitable for presentation to the user 

15. A method according toAny-^ecedin^-claim- wherein the server and the 
client each hold data corresponding to a cryptographic key and a machine 
identifier for uniquely identifying the client, the method including: 
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sending a challenge to the client, such that it/generates a signed response as a 
cryptographic function of the key and the/machine identifier held therein, 
generating from the cryptographic key^ahd machine identifier held associated 
with the server, a corresponding signed response as a cryptographic function 
of the key and the machine identifier, 

comparing the signed responses from the client and the server, and if they 
correspond, performing the encryption with the key, 
and performing the decryptionyat the client with the key. 

16. A method according to^a ny pr eeediftg-^laiaa wherein the data is 
steganographically marked. 

17. A method according to^an y preced ing-claim including registering the 
client with the server. 

18. A method according to any-Tp^eeedmg-^hmrr including; 

A- / 

determining a machine identifier <bi the client by analysing its hardware 



md/ or its software configuration^ 



transmitting the machine identifier to the server, 
combining the transmitted machine identifier with a cryptographic key to 
form a unique determinator/for the client, 

transmitting the unique determinator to the client, to be stored therein for use 
subsequently in identifying the client to the server, to permit encrypted data 
to be downloaded there/o from the server. 

VI. A server configured to perform a method as claimed in any prec e d ing 
ciarm. // ~ > /% 



20. Initiation by the client, of the downloading of copy protected data by 

a method according to afl^-pjece^dms-ctaiia. 

A * * 
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21. A copy protected data storea on the client by a method according to 
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A 



anyp receding-xkim. 



22. A method of downloading encrypted data from a server to a client, 
including: 

registering the client with the server by 

determining a machine identifier of the client by analysing its hardware 
and/or its software configuration, 

transmitting the machine identifier to the server, 

combining the transmitted machine identifier with a cryptographic key 
to form a unique determinator for the/client, and 

transmitting the unique determinator to the client, to be stored therein 
for use subsequently in identifying tMe client to the server, to permit 
encrypted data to be downloaded thereto from the server; 
subsequently identifying the client to the server on the basis of the unique 
determinator; and then 

downloading data encrypted by mfeans of the cryptographic key to the 
identified client, for decryption bf the client using the key from the unique 
determinator. 

23. A method according to claim 22 including decrypting the downloaded 
data at the client using the key /from the unique determinator. 

24. A method according tof claim 22 en=-2-3- wherein the client is identified 
to the server by again determining the machine identifier for the client, 
comparing it with the machiAe identifier included in said unique determinator, 
and signalling to the server dn the basis of the outcome of the comparison. 

25. A method according to claim 22^23-0^-24- including authenticating the 
client to the server prior to! downloading of the encrypted data. 



26. A method according to claim 25 including generating a challenge, 
generating a response as a predetermined cryptographic function of the 



cryptographic key for the client as held by/the server, and as a function of 1 
key included in the unique determinator/tored in the client, and 
authenticating the client on the basis of the outcome of the comparison. 

27. A client configured to /perform a method as claimed in any- onc - of 
claims_22-te-26. / Ly ^ 




